Here is another problem. Web servers like Apache (and IIS) can be configured to assume different UserIds to access different directories. This way any subprocess of the WebServer (including cgi clients and plugins) have to abide by the user login restrictions on the web server computer. A TAF belonging to one user is not accessible to other users, because you can set different identities for the web server for different virtual ( and home) directories. By the way, the TAFs are read by the witango client and passed to the Witango server through the CGI-Plugin Client-Server TCPIP connection. The TAFs are not read by the Server for execution, but by the client. If you have a TAF directory read write problem, check the rights obtained by the client.
On the other hand the Witango Server file read and write Actions require Witango Server to have local read/write access rights. I am not sure if it is possible to set User IDs as in (suid) for the Witango actions so that Witango reads "Sri's" directory as Sri only, and not as Witango user with group access rights. At this time if Witango is not part of Sri's group, Witango Server cannot write to Sri's directory (if not given super-user or admin rights).
With out this ability to restrict by user identity, a TAF from one user could "by mistake" overwrite other user directories. If Sri and Daniel both need write capability, there is no way to restrict Sri from writing into Daniel's directory. So in a hosted situation, it now becomes absolutely essential for the Witango Admin to have full trust in their customer's intentions and programming ability. A delete from directory root can be catastrophic. If what I understand here is accurate, it will not be possible to allow file action read and right access to customers in Hosting Services situations without risk.
The solution for this is to have an additional field in the file Action that defines the user identity and user password (not the same as the system login password). This identity can be used to to translate to various systems resources including directory access at the server side, by the Witango Server during execution.
By extension, if you are going to write your own applets or DLLs or command line utilities, you may find it useful to incorporate "suid" capabilities to protect yourself from malicious code. Be sure to contribute your code freely to the Witango user community .. just kidding! ;) :) .. (many times) .. :)
Love to hear comments from Witango technical team, especially, if I have misunderstood something here.
Sri Amudhanar
703 729 0600
[EMAIL PROTECTED]
Bill Conlon wrote:
I want to be able to manipulate directories (read directory listings and file permissions) and create/delete directories. The built-in file actions only provide file access, and don't seem to offer anything for directories.
It looks like I could use:
* a JavaScript File Object within a Script action. This is probably easiest for me to do.
* a JavaBean within a CallMethod action. This is probably the most effective in terms of server utilization, but I've never used witango methods & objects, and it's been a while since I did any Java programming (though I have found some templates online).
* use a shell script or Java applet within an external action. This would seem to require spawning a new process, hence would probably be the most expensive in terms of server utilization.
Anyone have any thoughts before I embark on this voyage?
Bill Conlon
To the Point 345 California Avenue Suite 2 Palo Alto, CA 94306
office: 650.327.2175 fax: 650.329.8335 mobile: 650.906.9929 e-mail: mailto:[EMAIL PROTECTED] web: http://www.tothept.com
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
